Malicious PDF — malware analysis report

Static analysis result for SHA-256 98825b75be9f00ad…

Verdict: MALICIOUS

File type: PDF

Size: 13.9 KB
Created: 2019-04-30 03:58:53 +01:00
Authoring application: mPDF 5.7
MD5: 530d17a0c8160c5c340dfc01e83e4904
SHA-1: 35cde3dbeb5a0735c71c8a366293430a432864e1
SHA-256: 98825b75be9f00ad5e3f85a9f701e5b7104205669edae37fafa539f2efb8eaf9
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which suggests a link farm or traffic-driving scheme. While the URLs themselves are currently marked as benign, the sheer volume and the nature of the heuristic indicate a malicious intent to direct users to potentially harmful content. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info (ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.